Michael Neumann
Hi,
Okay, there are the different $SAFE levels. But why not simply removing
dangerous methods, like:
undef `
undef system
undef require
...
or replacing them by your own?
I guess, this is as secure as any $SAFE level (of course it depends on
which methods you are removing). Or am I missing something? The problem
is that this way you can't run other "good" code next to your "bad" code
(as it is possible with $SAFE).
It would be very nice to execute some Ruby code in such a reduced
environment without affecting the other "good" code:
env = Environment.new
env.remove_method :system
env.remove_constant :ENV
env.remove_global "$0"
...
env.eval dangerous_code
# or
env = Environment.fresh
env.add_method :system
env.add_constant :ENV, ENV
...
BTW, is this possible to implement in Ruby or a C extension? I guess
not. Or would it work with two (or multiple) anonymous modules, one for
the good code, one for the bad code, and then by removing all
methods/constants/global variables outside those two modules?
Regards,
Michael
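An added illustration of the limitation the post describes, in Ruby; this is constructed example code, not code from the original post or from any real Ruby sandbox. The Sandbox module, its method list and the method names are assumptions. It undefines shell-out methods on Kernel and then shows that the "good" code loses them too, because the change is process-wide rather than per-environment.

```ruby
# Constructed example, not code from the original post. It shows why undef'ing
# dangerous Kernel methods is not a per-environment sandbox: the change is
# process-wide, so trusted code loses the methods as well.

module Sandbox
  # Methods treated as dangerous for untrusted code (constructed list; the
  # post's list also includes require, which is left out here).
  DANGEROUS = [:system, :"`", :exec, :spawn].freeze

  # Undefine each method on Kernel. Two places must be covered, because
  # module_function gives Kernel both an instance method (what `system(...)`
  # resolves to) and a singleton method (what `Kernel.system(...)` resolves to).
  # undef_method, unlike remove_method, also stops lookup in ancestors.
  def self.disarm!
    DANGEROUS.each do |name|
      if Kernel.private_method_defined?(name) || Kernel.method_defined?(name)
        Kernel.send(:undef_method, name)
      end
      Kernel.singleton_class.send(:undef_method, name) if Kernel.respond_to?(name, true)
    end
  end

  # Evaluate untrusted source with self set to a fresh plain object.
  def self.run(source)
    disarm!
    Object.new.instance_eval(source)
  end
end

# "Good" code defined before the sandbox is set up; it only checks whether
# the shell-out methods are still reachable, it never calls them.
def trusted_code_can_shell_out?
  [:system, :"`"].all? do |name|
    Kernel.private_method_defined?(name) && Kernel.respond_to?(name, true)
  end
end

# Run the scenario once and report what each side observed.
def isolation_demo
  before = trusted_code_can_shell_out?
  # Untrusted probe: can it still see the dangerous methods after disarming?
  untrusted = Sandbox.run("respond_to?(:system, true) || Kernel.respond_to?(:system, true)")
  after = trusted_code_can_shell_out?
  { trusted_before: before, untrusted_sees_system: untrusted, trusted_after: after }
end

DEMO_RESULT = isolation_demo
puts DEMO_RESULT if __FILE__ == $0
# trusted_before is true, untrusted_sees_system false, and trusted_after false:
# the untrusted code was disarmed, but so was everything else in the process.
```

The last value is the point of the post: a global undef cannot run "good" code next to "bad" code, which is what a per-environment mechanism would have to provide.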